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MICROSOFT CORPORATION 



UNITED STATES DISTRICT COURT 
NORTHERN DISTRICT OF CALIFORNIA 
OAKX AND DIVISION 



INTERTRUST TECHNOLOGIES 
CORPORATION, a Delaware corporation, 

Plaintifi; 



MICROSOFT CORPORATION, a 
Washington Coiporation, 

Defendant. 



CASE NO: C 01-1640 SBA 

MICROSOFT CORPORATION'S 
FIRST AMENDED ANSWER AND 
COUNTERCLAIMS TO THE SECOND 
AMENDED COMPLAINT 



Defendant Microsoft Corporation C'Microsoft*') answers the Second Amended 
Complaint of InterTnist Technologies Coiporation ("Int^rTrusf *) as follows: 

1 . Microsoft admits diat the Second Amended Complaint purports to state a 
cause of action under the patent laws of the United States, 35 United States Code, §§ 271 and 
281 . Microsoft denies that it has infringed or now infringes the patents asserted against Microsoft 
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in the Second Amended Complaint. Microsoft denies any and all remaining aHegations of 
paragrapb 1 of the Second Amended Complaint. 

2. Microsoft admits that the Second Amended Complaint purports to state a 
cause of action over which this Court has subject matter jurisdiction under 28 US.C. §§ 1331 and 
1338(a). 

3 . Microsoft admits, for purposes of this action only, that venue is proper in 
this judicial district Microsoft denies any and all remaining allegations of paragraph 3 of the 
Second Amended Complaint 

4. Upon information and belief Microsoft admits the allegations of paragraph 

4 of the Second Amended Complaint 

5. Microsoft admits the allegations of paragraph 5 of the Second Amended 

Complaint. 

6. Microsoft admits, for purposes of this action only, that it transacts business 
in this judicial district Microsoft denies any and all remaining allegations of paragraph 6 of the 
Second Amended Complaint. 

7. Microsoft admits that on its face the title page of U.S. Patent No. 6,1 85,683 
Bl ("the '683 Patent*') states that it was issued February 6, 2001^ is entitled "Trusted and secure 
teclmiques, systems and methods for item delivery and execution," and lists "IntcrTrust 
Technologies Corp." as the assignee.. ^Ccrosoft admits that a copy of the *683 Patent was 
attached to the copy of the Second Amended Complaint delivered to counsel for Microsoft, but 
denies that such copy was full and complete insofar as it did not include any material purportedly 
incorporated by reference therein. Microsoft denies that the '683 Patent was duly and lawfiiUy 
issued. Microsoft fiirther denies any and all remaining allegations of paragraph 7 of the Second 
Amended Complaint. 

8. Microsoft admits that on its face the title page of U.S. Patent No. 6,253,1 93 
Bl C'lhe '193 Patent**) states that it was issued June 26, 2001, is entitled "Systems and meAods 
for the secure transaction management and electronic rights protecrion,** and hsts 'TnterTmst 
Technologies Corporation" as the assignee. Microsoft admits that a copy of text associated with 
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he M93 Patent was attached to the copy of the Second Amended Cotnplaint delivered to counsel 
for Microsoft, but denies that such copy was foil and complete as it did not include, among other 
^ngs, any of the drawings or figures. Microsoft further denies such copy was full and complete 
insofar as it did not include any material purportedly mcoiporated by reference therein. Microsoft 
denies that the '193 Patent was duly lawfully issued. Microsoft further denies any and all 
remaining allegations of paragraph 8 of the Second Amended Complaint. 

9. Microsoft admits that on its face the title page of U,S, Patent No. 5.940,504 
(•the '504 Patent^ states that it was issued August 17, 1999 and is entitled '^Licensing 
management system and method in which datagrams including an addressee of a licensee and 
indicative of use of a licensed product are sent from the licensee's site." Microsoft admits that a 
copy of the '504 Patent was attached to the copy of the Second Amended Complamt delivered to 
counsel for Microsoft. Microsoft denies that the *504 Patent was duly and lawfixlly issued. 
Microsoft further denies any and all remaining allegations of paragraph 9 of the Second Amended 
Complaint. 

10- Microsoft admits that on its face the title page of U.S. Patent No. 5,920,861 
("the '861 Patent") states that it was issued July 6, 1999, is entitled "Techniques for defining* 
using and manipulating rights management data structures," and lists "foterTrust Technologies 
Corp.'* as the assignee. Microsoft admits that a copy of the '861 Patent was attached to the copy 
of the Second Amended Complaint delivered to counsel for Microsoft, but denies that such copy 
ivas full and complete insofar as it did not include any material purportedly incorporated by 
reference therein. Microsoft denies that the '861 Patent was duly and lavdEiilly issued. Microsoft 
further denies any and all remaining allegations of paragraph 10 of the Second Amended 
Complaint 

1 1 . Microsoft repeats and reasserts its responses to paragraphs 1 -1 of the 
Second Amended Complaint, as if fully restated hereiiL 

12. Microsoft admits that the Second Amended Complaint purports to state a 
:ause of action under 35 U.S.C. §§ 271 and 281. Microsoft denies that it has infringed or now 
infringes the patents asserted against Microsoft in the Second Amended Complaint. Microsoft 
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denies any and aU remammg allegations of paragraph 12 of the Second Amended Complaint 

1 3. Microsoft denies any and all allegations of paragr^h 13 of the Second 

Aroeoded Complaint. 

14. Microsoft denies any and ail allegations of paragraph 14 of the Second 



Amended Complaint 

1 5 . Microsoft denies any and all allegations of paragraph 1 5 of the Second 

7 j Amended Complaint 

g I 16. Microsoft denies any and all allegations of paragraph 16 of the Second 

9 Amended Complaint. 

^ Q 17. Microsoft denies any and all allegations of paragraph 1 7 of the Second 

1 1 Amended Complaint 

j2 18. Microsoft repeats and reasserts its respoiises to paragraphs 1-6 and 8 of the 

1 3 Second Amended Complaint, as if fully restated herein, 

14 19. Microsoft admits that the Second Amended Complaint purports to state a 

1 5 cause of action under 35 U.S.C. §§ 271 and 281. Microsoft denies that it has inftinged or now 

1 6 infringes the patents asserted against Microsoft in the Second Amended Complaint. Microsoft 

17 denies any and ail remaining allegations of paragraph 19 of flxe Second Amended Complaint. 
1 g 20. Microsoft denies any and all allegations of paragraph 20 of the Second 

19 Amended Complaint 

20 21 . Microsoft denies any and all allegations of paragraph 21 of the Second 

21 Amended Complaint 

22 22. Microsoft denies any and all allegations of paragraph 22 of the Second 

23 Amended Complaint. 

24 23. Microsoft denies any and all allegations of paragraph 23 of the Second 

25 Amended Complaint, 

26 j 24. Microsoft denies any and all allegations of paragraph 24 of the Second 

27 I Amended Complamt 

1% 
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25 . Microsoft repeats aaid reasserts its responses to paragraphs 1 -6 and 9 of the 
Second Amended Complaint, as if fully r^jstatcd herein. 

26. Microsoft admits ttat the Second Amended Complaint purports to slate a 

I 

cause ofaction under 35 U.S.C§§ 271 ajid281. Microsoft denies that it has infringed or now 
infringes Ac patents asserted against Microsoft m the Second Amended Complaint. Microsoft 
denies any and all remaining allegations |>f paragraph 26 of the Second Amended Complaint 

27. Microsoft denies my and all allegations of paragraph 27 of the Second 

Amended Complaint | 

28- Microsoft denies ^y and all allegations of paragraph 28 of the Second 

i 

Amended Complaint. i 

29. Microsoft dwiies any and all allegations of paragraph 29 of the Second 



Amended Complaint 



30. Microsoft denies any and all allegations of paragraph 30 of the Second 

i 

Amended Complaint. 

3 1 . Microsoft denies any and all allegations of paragraph 3 1 of the Second 
Amended Complaint. 

32. Microsoft repeatsjand reasserts its responses to paragraphs 1-6 and 1 0 of 
the Second Amended Complaint, as if fiiDy restated herein. 

33. Microsoft admits !that the Second Amended Complaint puiports to state a 
cause ofaction under 35 U.S.C. §§ 271 and 281. Microsoft denies that it has infringed or now 
infringes the patents asserted against Microsoft in the Second Amended Complaint, Microsoft 
denies any and all remaining allegation^ of paragraph 33 of the Second Amended Complaint. 

34. Microsoft denies Ly and all allegations of paragraph 34 of the Second 

i 

Amended Complaint. j 

35. Microsoft denies |any and all allegations of paragraph 35 of the Second 
Amended Complaint. 

36. Microsoft denies any and all allegations of paragraph 36 of the Second 

Amended Complaint. 
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37. Microsoft denies any and all allegations of paragraph 37 of the Second 

Amended Complaint. 

38. Microsoft denies any and all allegations of paragraph 38 of the Second 

Amended Complaint. 

AFFTRMATIW AND OTHER DEFENSES 
Further answering the Secbnd Amended Complaint, Microsoft asserts the 
following defenses. Microsoft reserves the right to amend its answer with additional defenses as 
further information is obtained. 

First Defense: NonipfriDgement of the Asserted Patents 

1 . Microsoft has not infringed, contributed to the infringement of, or induced 
the infringement of U.S. Patent No. 6,185,683 Bl ('Ue '683 Patent''), U.S. Patent No. 6^53,193 
Bl Cthe '193 Patent"), U.S. Patent No. 5,940,504 Cthe '504 Patent") or U.S. Patent No. 
5,920.861 Cthc *S6l Patent"), and is not liable for infringement thereof. 

2. Any and all Microsoft products or actions that are accused of infringement 
have substantial uses that do not infringe and therefore cannot induce or contribute to the 
infringement of the ^683 Patent, the *193 Patent, the *504 Patent or the '861 Patent. 

Second Defense; Invalidity of the Asserted Patents 

3. On information and belief the '683 Patent, the ' 1 93 Patent, the '504 Patent 
and the '861 Patent are invalid for failing to comply with the provisions of the Patent Laws, Title 
35 U.S.C., including without limitation one or more of 35 U.S.C. §§ 102, 103 and 1 12. 

Third Defense; Unavailability of Relief 

4. On information and behef. Plaintiifhas failed to plead and meet the 
requirements of 35 U.S.C. § 271(b) and is not entitled to any alleged damages prior to providing 
any actual notice to Microsoft of the *683 Patent, the '193 Patent, the '504 Patent or the '861 
Patent. 

Fourth Defense: Unavailability of Relief 

5. On information and belief, Plaintiff has failed to plead and meet the 
requiremenis of 35 U.S.C § 284 for enhanced damages and is not emiiled to any damages priorio 
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providing any actual notice to Microsoft of the '683 Patent, the *193 Patent, the '504 Patent, 
and/or the ' 86 1 Patent, and any alleged infiringement thereof. 

Fifth Defepse; TJnavailabilitv of Relief 

6. On information and belief, PlaintifFhas failed to plead and meet the 
requirements of 35 US-C. § 287, and has otherwise failed to show that it is entitled to any 
damages. 

Sixth Defense: Prosecntion History Estoppel 

7. Plaintiffs alleged causes of action for patent infringement arc barred under 
the doctrine of prosecution history estoppel, and Plaintiff is estopped from claiming that the *683 
Patent, the * 193 Patent, the 'SCM Patent, and/or the '861 Patent covers or inchidcs any accused 
Microsoft product or method. 

Seventh Defense; Pedicatiop to the Public 

8. Plaintiffhas dedicated to the public all methods, apparatus, and products 
disclosed in the '683 Patent, the '193 Patent, the *504 Patent, and/or the *861 Patent, but not 
literally claimed therein,.and is estopped from claiming infringement by any such public domain 
methods, 2^paratus, and products. 

Eighth Defense: UseManufactgre Bv/For United States Government 

9. To the extent tiiat any accused product has been used or manufactured by 
or for the United States, PlaintifTs claims and demands for relief are barred by 28 U,S.C. § 1498. 

Ntoth Defense: License 

10. To the extent that any of Plaintiff s allegations of infringement are 
premised on the alleged use, sale, or offer for sale of products that were manufactured by or for a 
licensee of InterTrust and/or provided by or to Microsoft to or by a licensee of InierTnist, such 
allegations are barred pursuant to license. 

Tenth Pefenser Aconiescepce 

1 1 . Plaintiff has acquiesced in at least those acts of Microsoft that are alleged 
[o infringe the '861 Patent, ibe '683 Patent, and the '193 Patent. 
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F.kventh Defense: Laches 

1 2. PlaintifP s claims for relief are barred, in whole or in part, by the equitable 

i 

loctrine of laches. ; 

Twelfth Defense; Ineouitable Conduct 

1 3. The *861 Patent claims are unenforceable due to inequitable conduct, 
including rfiose acts and failures to act set;forth in Microsoft's Counterclaim for Declaratory 
Judgment of Unenforceability of the '861 Patent, set forth below. 

COUNTERCLAIMS 

COinST I - DECLARATORY 
JUDGMENT OF NONINFRINGEMENT 

1 . This action arises under the patent laws of the United States, Title 35 

» j 

LJ.S.C. §§ 1, et seq. This Court has "subject matter jurisdiction over this counterclaini under 28 
LJ.S.C.§§ 1338, 2201, and 2202. . 

2. Microsoft Corporation CMicrosoft") is a Washington corporation with its 
principal place of business in Redmond, Washington. 

i 

3 . Upon infonnation land belief. Plaintiff /Counierclaim Defendant IhterTrust 
fechnologies Corporation ChiterTfust") is a Delaware corporation with its principal place of 
business in Santa Clara, Califonua- 

4. InterTrost purports to be the owner of U.S. Patent Nos. 6,1 85,683 Bl ("the 
683 Patent"), 6;253,193 Bl Cthe '1193 litent*'). 5,940,504 Ohe '504 Patent"), and 5,920,861 

i ; 

"the '861 Patent"). ! 

5. IntcrTnist alleges that Microsoft has infringed the '683 Patent, the '193 
>atent. the '504 Patent, and the '863 Patent. 

6. No Microsoft product has infiinged, either directly or indirectly, any claim 

j ! 

>f the '683 Patent, the ^193 Patent, the '504 Patent, or the *861 Patent, and Microsoft is not liable 
or infringement thereof 

// 



DOCS5Vl:lbOCRb.l 



-8- 



1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
)6 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 

28 

.LP 



BEST AVAILABLE COPY 



:22 FAX 415 384 0134 KEKER ft VAN NEST LLP @010 



7. All actual controversy, witWn the meaning of 28 U.S.C. §§ 2201 and 2202, 
exists between Microsoft, on the one hand, and IntcrTrost, on the other band, with respect to the 
inftingement or noninfringement 6f the '683 PatenU the '193 Patent, the '504 Patent, and/or the 
•861 Patent. 

COUNT li - DECLARATORY 
.ninnivncNT OF invalidity of th e *683 PATENT 

8. Microsoft repeats and realleges paragraphs 1-5 of its Counterclaims, as if 

fully restated herein. 

9. The '683 Patent, and each claim thereof; is invalid for failing to comply 
with the provisions of the Patent Laws, including one or more of 35 U.S.C §§ 102, 103 and 1 12. 

1 0. An actual controversy^ within the meaning of 28 U.S.C. §§ 2201 and 2202, 
exists between Microsoft, on the one hand; and InterTrusl, on the other hand, with respect to 
whether the claims of the *683 Patent are valid or invaliA 

COUNT in - DECLARATORY 
JUDGMENT OF INVALIDITY OF THE ^193 PATENT 

1 1 . Microsoft repeats and realleges paragr^bs 1 -5 of its Counterclaims as if 
fully restated herein. 

1 2. The ' 1 93 Patent, and each claim thereof, is invalid for failing to comply 
with the provisions of the Patent Laws, including one or more of 35 U.S.C. §§ 102, 103 and 1 12. 

13. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 

exists between Microsoft, on thejone han4, and InterTnist, on the other hand, with respect to 

I 

whether the claims of the '193 Patent arc valid or invalid. 

. COUNT iv - DECLARATORY 
JUDGMENT OF INVALIDrFY OF THE '504 PATENT 

14. Microsoft repeats and realleges paragraphs 1-5 of its Coxmterclaims as if 
fiiUy restated herein. 

15. The '504 Patent, and each claim thereof, is invalid for failing to comply 
with the provisions of the Patent Laws, including one or more of 35 U.S.C. §§ 102. 103 and 1 12. 
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16. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 
exists between Microsoft, on the one han^|and InterTrust, on the other hand, with respect to 
whether the claims of the '504 Patent are vahd or invalid. 

COVNT'^ - DECLARATORY 
JUDGMENT OF INVXLIDITY OF THE *861 PATENT 

17. Microsoft repeats E^d realleges paragraphs 1-5 of its Counterclaims as if 

ftilly restated herein. • 

1 8; The "861 Patent, aijiij each claim thereof, is invalid for failing to comply 
with the provisions of the Patent I^w5,iriqluding one ormoreof35U.S.C §§ 102, 103 and 112, 

19. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 
exists between Microsoft, on the one hand[ and InterTrust, on the other hand, with respect to 
whether the claims of the '861 Patent are^yalid or invalid. 

COUNT yi - DECLARATORY JUDGMENT 
OF UNENFORCEABILITY OF THE ^861 PATENT 

20. Microsoft repeats and realleges paragraphs 1-5 of its Counterclaims, as if 
fiilly restated herein. j.j 

21. Oaims M29 of the '861 Patent apphcation (SN 08/805,804), and clainas 
I-IOI of the '861 Patent, were ndt.and art! not entitled to benefit of any application filing date 

i-! • / 

prior to February 25, 1 997, under 35 US:p. § 120 or otherwise. 

22. Exhibit A^hereto is la reprint of an article entitled 'T^igibox: A Self- 



■.II 

Protecting Container for Infonnatipn Commerce." The article shown in Exhibit A (hereafter, 

l1 



'the Sibert article") was published In J\i^ 1995 in the Proceedings of the First USENK 

Workshop on Electronic Commerce. j!j 

. : Ifl 

23. On information ancJ belief, the content of pages 2-14 of Exhibit A was 
jresented at a public conference in the United States m July 1995. 

24. Exhibit B hereto is- a copy of a page from an International Application 
)ublished under the Patent Cooperation Treaty (PCT), bearing International Publication Number 
^VO 96/27155. 
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25. On informaticin and hcUef, International Application WO 96/27155 has, at 

all times since its eiing date, been ofned Ind controlled by IntcrTnist or its predecessors in 

!• l" 

interest. ;'• ■ ■ 

26. International Application WO 96/27 155 (hereafter "the WO 96/271 55 

i; i : 

(PCT) publication") was published on Seotcmbw 6, 1996. 

27. United States'-PateritNo. 5,910,987 ("the '987 Patent") issued on June 8, 
1999, from a couiinuatioa of an api|licatic|n filed on February 13, 1995. 

28. The Sibert aiiScle is prior art to claims M29 of the *861 Patent ^plication 
(SN 08/805,804), and claims l-lOljbf the *861 Patent, under 35 U.S.C §§ 102(b). 103. 

29. The WO 96/27155l(PCT) publication is prior ail to claims 1-129 of the 
*861 Patent application (SN 08/80^ 804),! and claims MOl of the '861 Patent, under 35 U.S.C. §§ 
102(a), 103. |; »• 

30. The '987 Patent is [jirior ait to claims 29-129 of the '861 Patent application 
(SN 08/805,804), and claims l-lOlj of the:*861 Patent, under 35 U.S.C. §§ 102(e), 103. 

i' |; 

31. The Sibert article was material to the patentability of claim 1 of the *861 

i h 

Patent apph'cation (SN 08/805,804). j ; 

32. The Sibert article was material to the patentability of claims 2-129 of the 

•861 Patent application (SN 08/805,804)1. 

r j: 

33. The WO 96/271 55;(PCT) publication was material to the patentability of 

claim 1 of the *861 Patent application (Sljl 08/805.804). 

I j 

34. The WO 96i!27l55.(PCT) publication was material to the patentability of 

ll 

claims 2-129 of the *861 Patent appUcation (SN 08/805,804). 

35. The *987 Patent was material to the patentability of claims 29-129 of the 
'861 Patent ^plication (SN 08/805,804); 

36. One or more of the '861 Patent applicants knew, while the '861 Patent 
application (SN 08/805,804) was pending, of the July 1995 publication of the Sibert article. 

37. On information and belief, one or mc^e of the '861 Patent aj^licants knew, 
while ihe '861 Patent application (SN 08/805,804) was pending, of the September 1996 

OOCS5V»:15C»96.I 

MicRoson CORPORATION'S First amended akswer 

-1 1- AKDCou-NTfiRCLATMS. CaSE No. C 0).1640 SBA 



01 c 

1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
IS 
19 
20 
21 
22 
23 
24 
25 j 
26 
27 
28 

LP ' 



BEST AVAILABLE COPY 



23 FAX 415 394 0134 



KEKER & VAN NEST LLP 



it013 



publication of the WO 96/27155 (PCT) piiblicatioo 



38. One or more of the 
application (SN 08/805,804) was pending 

39. On information and 



'861 Patent applicants knew, while the '861 Patent 
of the June 8, 1999 issuance of the *987 patent 
belief one or more of the attorneys who prosecuted or 
assisted in prosecuting the '861 Pat^t applicalioi) (SN 08/805,804) knew, while that application 
ivas pending, of the July 1995 publication of the Sibcrt article. 

40. One or more of the attwueys who prosecuted or assisted in prosecuting the 
'861 Patent application (SN 08/805,804) tnew, while that application was pending, of the 
September 1996 publication of the WO 96/27155 (PCT) publication. 

41 . One or more of the attorneys who prosecuted or assisted in prosecuting the 
861 Patent application (SN 08/805,804) knew, while that application was pending, of the June 8, 
[ 999 issuance of the '987 patent. 

42. The applicants for the *861 Patent did not cite the Sibert article, the WO 
>6/27155 (PCT) publication, or the '987 Patent to the Patent Office as prior art to any of claims 1- 
29 of the *861 Patent appHcation (SN 08/805,804). 

43. The applicants for ttie *861 Patent did not cite to the Patent Office as prior 
rt to any of claims 1-129 of the 'S6l Patent application (SN 08/805,804) any reference having 
lie same or substantially the same disclosure as the Sibert article, the WO 96/27155 (PCT) 
ublication, or the '987 Patent 

44. None of the Sibat article, the WO 96/271 55 (PCT) publication, or the *987 
aient is merely cumulative over any reference cited as prior art during the prosecution of the 
J61 Patent application (SN 08/805,804) 

45. On informatibn and belief, one or more of the *86i Patent applicants 
elieved, during pendency of claim '1 of the '861 Patent application (SN 08/805,804), that the 
ibcrt article disclosed an embodiment of claim 1 of the '861 Patent application (SN 08/805,804). 

46. On information and belief; one or niore of the *861 Patent applicants 
Sieved, during pendency of claim 1 of the '861 Patent application (SN 08/805,804), that the 
/O 96/27155 (PCT) publication disclosed an embodiment of claim 1 of the *861 Patent 
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application (SN 08/805,804). 

47. On informatioii and 



@)014 



l)elicf, one or more of the '861 Patent applicants 



believed, while the ^861 Patent applicalionl (SN 08/805,804) was pending, that the Sibert article 



was material to the patentability of claims 



M29 of the '861 Patent application (SN 08/805,804), 



48. On infoimation and 
believed, while the '861 Patent ^plicatioj ^ 



but, with deceptive intent, failed to disclosk that reference as prior art to the Patent Office. 



belief, one or more of the '861 Patent applicants 
(SN 08/805,804) was pending, that the WO 96/271 55 
(PCT) publication was material to the patcntabiliiy of claims 1-129 of the '861 Patent application 
(SN 08/805,804), but, with deceptive intent, failed to disclose that reference as prior art to the 



Patent Office. 



49. On information an< 



was material to the patentability of claims 



belief, one or more of the '861 Patent applicants 



believed, while the '861 Patent application (SN 08/805,804) was pending, that the '987 Patent 



29-129 of the '861 Patent application (SN 08/805,804), 



but, with deceptive intent, failed to discJose that reference as prior art to the Patent Office. 

50. The *861 Patent is menforceable due to the inequitable conduct of the *861 
Patent applicants before the Patent and Trademark OflSce in connection with the '861 Patent 
application (SN 08/805,804). 

51. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 
exists between Microsoft, on dxt one hand, and IntcrTnist, on the other hand, with respect to 



whether the claims of the '861 Patent are 



enforceable. 



COUNT iVn - INFRINGEMENT 



OFU.S. 



>ATENTNO. 6>049,671 



52. Microsoft repeats and realleges paragraphs 2-3 of its Counterclaims, as if 
fully restated herein. 

53. This Court has exclusive subject matter jurisdiction over Microsoft's cause 

of action for patent infringement under ijitle 28, United States Code. Sections 1331 and 1338. and 

.1 

under the patent laws of the United States, Title 35 of the United States Code. 
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54. U.S. Patent No: 6,049,671 p^c '671 Patent") issued to Microsoft 
Coiporation as the assignee of Benjamin ^. SUvka and Jeffrey S. Webber on April 1 1. 2000. 

55. A true copy of Stbe '^71 Patent is attached as Exhibit C hereto, and is 

incorporated herein by reference. i 

56. Microsoft owns all right, tide and interest in the '611 Patent 

l{ 

57. InterTmst has had actual notice of the *67 1 Patent, 

58. InterTnist has infri|ged one or more claims of the '671 Patent, in violation 

of at least 35 U-S.C. § 271{a, b, c). |' 

59 InterTrust's infiingcment of the '671 Patent has cansed and will continue to 

f 

cause Microsoft damage, including irreparable harm for which it has no adequate remedy at law. 

• I 

COUNT ym - INFRINGEMENT 
OF IJ>S. PATENT NO. &2S6.668 



61. 



Corporation as the assignee of Benjamin 



63. 
64. 



60. Microsoft repeats and reaUeges paragraphs 2-3 and 5 1 of its Counterclaims, 

as if fully restated herein. 

tf.S. Patent No. 6,256,668 Bl ("the '668 Patenf') issued to Microsoft 
I W. Shvka and Jcfirey S. Webber on July 3. 2001. 
62. A true copy of the i'668 Patent is attached as Exhibit D hereto, and is 
incorporated herein by reference. 

Microsoft owns all rigjit, title and interest in the '668 Patent 
InterTmst has hadl.actual notice of the *668 Patent. 
65 . InterTmst ha^ infi inged one or more claims of the '668 Patent, in violation 
of at least 35 U.S.C. § 271(a, b, c). ' 

66 InterTrust's in&infeement of the '668 Patent has caused and will continue to 
• I ij ^ , 

cause Microsoft damage, including .irrepjarable hann for which it has no adequate remedy at law. 

PRAYER FOR RELIEF 

WHEREFORE. Microsoft prays for the following relief: 

A. ■ The Court enter judgment against LiterTrusx on, and dismiss with 
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prejudice, any and all claims of the SecondlAmended Coirq)laint; 

B. The Cpun enter jiid|mait declaring that Microsoft has not infHngcd, 
contributed lo infiingement of> or induccd|nfringcment of the '683 Patent; 

C. The Court enter jud|mciit declaring that Microsoft has not infringed, 
contributed to infringement of, or induceJinfringemoit of the '193 Patent; 

D. The Court enter juiJgment declaring that Microsoft has not infringed, 
contributed to infringement of. or inducecjiinfiingement of the '504 Patent; 

E. . The Court enter judgment declaring that Microsoft has not infringed, 
contributed to infringement of, or inducw iinfringement of the '861 Patent; 

F. The Court enter ju( gment declaring that the '683 Patent is invalid; 
The Court enter ju( Igment declaring that the * 1 93 Patent is invalid; 
The Court enter judgment declaring that the '504 Patent is invalid; 

The Court enter julgment declaring that the '861 Patent is invalid; 

f 

figment that the '861 Patent is unenforceable due to 



G. 

H. 
L 
J. 

inequitable conduct; 

K. 
L. 
M. 



The Court enter jui 



The Court enter juSgment that InterTrust has infringed the '671 patent; 
The Court enter juHgment that InterTrust has infringed the '668 patent; 
A permanent injunction prohibiting InterTrust, its office agents, servants, 
employees, and all persons in active, conifert or participation with them from infringing the '671 
and '668 Patents; 

tcrTrust of damages and attorney fees, pursuant to the 



R An award against 
provisions of 35 US.C §§ 284, 285 

O. An award to Microsoft of prqudgment interest and the costs of this action, 
P The Court award lo Micitjsoft its reasonable costs and attorneys' fees; and 
Q. The Cotirt grant to' Microsoft such other and fiirther rehef as may be 
deemed just and appropriate. 
/// 
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Pursuant to Fed. R. Civ 

trial by jury. 

DATED: September 17, 2001 
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The DigiBox: 
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Abstract 

Information Commerce is a business activity carried out among several parties in which information car- 
ries value and is treated as a product The information may be content, it nuxy be returned usage and mar- 
keting data, and it may be representative of financial transactions. 

In each of these cases the information is valuable and must be kept secure and private. Traditional 
approaches secure the transmission of that information from one point to another; there are no persistent 
protections. Protection of all of these components of information commerce for ail parties in a transaction 
value chain is necessary for a robust electronic infrastructure. 

A prerequisite to such an erpfuvnment is a ] cryptographicaify protected container for packaging 
information and controls that enforce informadon rights. ThU paper describes such a container, called the 
DigiBox^, EPR has submitted initial specffi€atit>nsfor the DigiBox container to the ANSI USP Electronic 
Publishing Task Force (EPUB) within the User/Content Provider Standards Working Groiq> (WG4). 



1 Introduction 

As services and products in roodein coimnoce 
increasingly take eleclionic form, traditionai com- 
merce is evolvipg into electronic comzDerce. This 
includes both creaticra and enforcement of variqus 
agrccments between parties in an electronic com- 
mercial relationship. It also includes enforcing Ine 
rights of these parties with itspect to the secure 
manageineDt of electronic content or services 
usage, biilipg, paynjent, and related activities. 

To save money, to be competitive, and to be effi- 
cient [1 ,2), mcmbcis of modem society will shortly 
bt using new information technology tools that 



tiuly suppoit clecffonic commerce. These tools 
provide for the flow of products and services 
through creators*, providers*, and users* hands. 
They enable the creation, negotiation, and enforce- 
ment of electronic agrcemrats, including the evo- 
lution of controls that manage both the use and 
consequences of use of electronic content or ser- 
vices. In addition, these tools support "evolving** 
agreements that pipgrcssively reflect the require- 
ments of further participants in a cororoercial 
model. 

Participants in electronic commerce [3,4] will need 
rules and mechanisms such that: 
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1 . Infonnatiott providers can be assured thatlheir' 
content is used only in authorized ways; 

2. Privacy rights of users of contexit are pre- 
served; and 

3. Diverge business models related to content can 
be electronically implemented. 

The Intemct and other infonnation commerce 
infrastructures will require a management compo- 
nent that enforces such nilcs, ensuring a* safe, 
coherent, fair, and productive conmiunity. This 
management component wDl be critical to the elec- 
tronic highway*s acceptance. Without rules to pro- 
tect the rights of content providers and • other 
electronic community inembcrs» the electronic 
highway will comprise nothing more than a collec- 
tion of limited, disconnected applications. 

Analysts have concluded that content will coxssti* 
tute the largest revenuc-generatiBg component of 
the information superhighway [5]. It is also clear 
that unfettered access to content requires that con- 
tent providers be able to maintain control over lit- 
erary or copyrighted assets. Many analysts 
conclude that this will be one of the key bottte- 
necks in the implementation and deploynient of 
New Media. 



reqcires a substantial manufacturing investment 
Figure 1 Ohistrates a simplified traditional infonna- 
tioo economy: physical goods fiow from a pub- 
lisher (manu&cturer) to a customer, in response to 
orders and followed by payments. The author's 
relationship with the publisher may be more light- 
weight, but the author is nonetheless dependent on 
ttie publisher to report sales and make royalty pay- 
ments ID accofdance with the autbor^s contract In 
addition, a fi-naTira^l Institutios provides payment 
processing and clearing services for all parties. 



Finandai 
Institution 




2 Information Commerce and Digital 
Value Chains 

Information connnercc is oilen considered' a 
wholly new concept, made possible only through 
the use of networks and computers. In f^ct',' a 
robust information economy has existed foriccniu- 
ries. involving trafficking in physical repfvsenia' 
(ions of information such as books, newspapers, 
and so on. Because such commerce involvesiph^- 
cal goods, there is anon-negligible floor to the dost 
of handling information goods. The new aspectsiof 
the electronic infonnation economy are that w 
information itself is the entire product and &at jthc 
product can be distributed at negligible xnarginal 
cost. 

The traditional information economy in physical 
goods is ptiblisher-ccntric, because creation' of 
information goods — ^particularly Iow<o5t goods — 



Figure 1. Ttadftional mfomiation economy. 

Because of the flexibility afforded by electronic 
mechanisms, information commerce is evolving 
from indirect^ advertiser-supported, mass-audi- 
ence media to a new, liiche-audience-oriented busi- 
ness modcL In this system, members of the 
electronic connnimity, with . or without the ceo* 
nomic support of advertising, pay providers 
directly for what they want to receive. Busincss-to- 
business purchasing is steadily evolving into a 
direct electronic ordering modcL 

Figure 2 iHustrates the flexibility possible in new 
electronic information coirmiercc models. 
Although there is still a role for publishers, this 
role no longer involves physical goods. Rather, the 
publisher is responsible for packaging and aggre- 
gating information goods and control infonnation. 
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then niakiDg ihtm available to customers. Similar 
to 3 manufecturing/distribution/retail chaiD for 
physical goods* the electronic model pcnnits infor- 
njatioD retailers, and even end customers, to 
package and redistribute different aggregations of 
inforaiation while ensuring that the appropriajtc 
control niles are maintained. A clearinghouse 
ensures that usage information and payments a^c 
provided directly to authors and publishers; tljc 
payments diemselves are made through traditjonal 
financial institutions. Because control rules are 
associated with information, a variety of payment 
and other business models can be associated with 
the same content (e-g^ purchase versus pay-per- 
use). 



2. 1 Protecting All the Information In 
Information Commerce 

The veiy prc^erties that make "the net*' attractive 
as a distribution medium — case of ijiampulaiing 
information in electronic fonn — also appear to 
make these protections intractable. Addressing this 
dichotomy requires a paradigm shift in conoputer 
architecture to introduce the concept of a "secure 
processing*' environmeiit in which protected infor- 
mation can be manipulated without being subject 
to external tampering or disclosure. A prerequisite 
to such an environment is a cryptographically pro* 
tected "container** for seamlessly packaging infor- 
mation and controls that enforce infonmation use 
rights. 



Psymcnt 
w AuihorizatiDslI 



aewmsbonse 




Retailer 


Contcm 




Redisthhuta 





CusipDier 
Purcnosn 



Fic^e 2. Electronic information cccmoroy. I| 

The conversion from traditional commercial di^- 
bution channels requires key foundation techncflo- 
gies and results in a fundamental shift in existing 
infrastnictores. This channel transformation jyill 
create a new electronic digitai distriburion industry. 
Digital distribution employing the DigiBox con- 
tainer architecture and its associated support envi- 
ronment, lntcrTrustT«, can play a critical role in 
this transfoTtnation of the communication, mejdia, 
and information tcclmology markets. 



The DigiBox described by this paper is such a con- 
tainen 

The need for various infbrtnation commerce com- 
puten and appliances to intcroperate requires fkaX 
this container format and its access methods be 
standardized. EPR has submitted initial specifica- 
tions for the DigiBox container to the American 
Nadonal Standards InstitDtc (ANSI) Information 
In£rastiuchire Standards Panel (IISP) through the 
Electronic Publishing Task Force (EFUB) in the 
User/Content Provider Standards Working Group 
(W04). 

The primary goal of information protection is to 
permit proprietors of digital information (i.e^ the 
artists, writers, distributois, packagers, market 
researchers, etc.) to have the same type and degree 
of control present in the '*papcr world-" Because 
digital information is intangible and easily diq>li- 
caied, those rights arc difficult to enforce with con* 
ventional information processing tecJmology. 
Many types of rights (comperisation, distribution, 
modification, etc.) are associated with the various 
elements of information commerce, and these 
ix^ormation property rights take many forms. At a 
high level, there is the legal definition of "copy- 
right," codified in U.S. law [6^9] arid the Berne 
Convention. This gives copyright holders a legal 
right to control bow copyrighted information is 
handled. In addition, various high-level rights are 
conferred by contractual airangcments between 
primary- rightsholders and other parties. 
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For exansple, the protections needed for content 
elements incorporate the licensing provisions for 
&e intellectual property rights of the content right- 
sholders. In a broader sense, dsese rights inclnde 
control oyer several activities: the right to be com- 
pensaied for use of the property; the right to con- 
trol how content is distributed; the right to prevent 
modification of content by a ttistributor, "fair use" 
rights; the righu to the usage data, privacy rights jof 
individuals, and so on. jj 

:l 

In the realm of physical goods, these rights arc 
enforced by a combination of legal and technical 
means. However, the technical means can be (and 
are) unsophisticated because the technology for 
violating rights is relatively expensive and timfc- 
CQDSuming — in comparison to equivalent activities 
with respect to digital information. Photocopymg a 
book or copying a video cassette is inherent^ m^e 
labor intensive and costly fiian copying a file; ^o, 
while dcfcatiog technical means of enforcemwitjis 
(relatively) expensive, it can be done — and often 
the legal means to deter this aie inadequate. >i 

,> 
I 

2.2 Information Commerce — T^ot Just :/ 
Payment 7 

..j 

Rights protection is also a fundamental aspect )0f 
commerce. Commerce is not just a way for two 
parties to pay each other for something. Rather; it 
is an extraordinarily rich web of relationships 
among parties that concerns payment, negotiation, 
control, advertising, reporting, auditing, and a vari- 
ety of other activities. These activities are impor- 
tant aspects of the transaction relationships. Often 
the information carried in these reports, audits^ &d 
the like is highly valuable and highly con£de&^al, 
perhaps even more valuable than the content that is 
the subject of the information commerce at h^d. 
These activities too are perfonned and controlled 
in the "paper world" by legal and technical means, 
but there are no widely used models for their elec- 
tronic equivalents. 



Figure 3 shows some of the operations that could 
occur m true electronic commerce, using the Inter- 
net World-Wide Web [10] mechanisms as an exam- 
ple. Creators originate content and apply rules 
(e.g., ^'pay author $1.00/use") for jts use. Distribu- 
lOTs 'ltpactage content, applying additional lulcs 



(e.g., "pay $5,00 for the collection, then pay the 
creator," "report use of each itcin'O- Users receive 
content and operate on it, generating billing reports 
and usage rqjorts tiiat are delivered to a clearing- 
house and paid or sununariied back for the origi- 
. nating parties. This stmctxjrc is veiy rich and is 
capable of sx^^porting many business models. 
There are multiple flows of information in many 
different chrections amongst the parties involved in 
the transactions. 

Another example is that of an advertiser (acting as 
distributor, or with a distributor). The advertiser 
might have a mle that offers a discount, or no 
charge at all, but only if the user views the adver- 
tisement and agrees to have that fact reported to the 
advertiser. 

It is relatively simple to devise schemes for parties 
to pay each other electronically (for example, Digi- 
Cash [11], NerfiiD [12), Open Market [13], SNPP 
[14],NetGbcque [15], First Virtual [16], etc.). Pay- 
ment, however, constitutes only one — and perhaps 
the simplest one — of die means in which parties in 
commerce interact All the other iriformation com- 
meme components must be accomplished with the 
same needs for security, privacy, and integrity. In 
fact, these aspects of electronic commerce, includ- 
ing rights protection, are strongly intertwined in 
the digital economy, because much digital com- 
merce concerns information and innovative busi- 
ness models for infonnation commerce. 

3 Existing Approaches to Information 
Commerce 

Information proprietors employ a variety of tech- 
nological protection approaches today. These 
approaches are generally ''point solutions,** in that 
they protect a specific type of property in a specific 
context and enforce only specifically defined 
rights — typically only the right to compensation 
for use. Because the technologies are limited, the 
market is fi^gmented, and there are no general pro- 
tection solutions. . 
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Figure 3. Muhi-party Internee infbnsation coxraherce. 



3.1 No Protection 



Much digital property is distributed without aiJy 
technological enforcement for property rights, on^ 
the assumption that legal means suJSce. This 
approach works well enough for many low-value 
properties, but i; has the disadvantage of raising the 
price Ip legitimate useis who must pay for both 




DigiBox- 
Awaie 
Browser 



Users 



their own and illegitimate use. In many cases, how- 
cyci; this cost is negligible, and no protection is an 
economically sound choice. Even for content that 
is free, however, a creator may wish to impose 
some lules for reporting or some access control. Of 
comse, privacy rights of users will be a conton to 
many. 
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3^ License Managers 



For some valuable software properties, license 
managers are xised. Because a software property is 
dynamic (executable), it is feasible to restrict it 59 
that it functions properly only througb interactitm 
with a license manager process. In general, there « 
no protection of usage data in these schemes, fi 
some cases this technique has been applied to con- 
tent protection, but only with limited success [l^, 
181. I 

33 Cryptographic Unlock | 

Some static properties (fonts, for exan^le; also 
some installable software) arc protected by a siin- 
plc •'unlock" scheme: a purchaser makes a pur- 
chase, for example by telephone with a credit car|l 
and receives a cryptographic key in return- Tms 
key can then be used to **unlock" one property 
from some widely distributed medium (e.g^ CD- 
ROM or network download). This mechanism jis 
relatively inflexible, and its inherently manual 
nature makes it expensive. ^ 



3.4 BiUSng Schemes ] 

n 

Various billing schemes (as mentioned above) p«r- 
mit purchase of infonnation following what ts 
essentially an electronic check or electronic credit 
draft modcL These methods are suitable for cot- 
ventional transactionsy but not for the enonnous 
volumes of (mdividually) very low-value transai?- 
tions that would be generated using a complex dig- 
ital property. 

3.5 Secured Delivery Ij 

Various securrd dehvery systems (e.g., SSL [1.9]. 
SHTTP (20]) share the same problems as crypto- 
graphic unlock, but in a network context They are 
only point-to-point solutions, with the infoimatmn 
(content, usage data, etc.) at each site being left 
unprotected once the delivery has occuuedL Fur- 
thermore, they arc inhcreniiy online systems: it is 
not practical 10 decouple the delivery of bforma- 
liOTk from payment for its use. 



4- Information Protection Architecture: 
' .loterlVust and DigiBox 

EPR has produced the InterTrust Mitual Distribu- 
tion Architecture to solve unmet, critical needs of 
electronic commerce. Almost any imaginable 
iuformBtion transaction can be supported by Intei- 
Tnist A few examples include distribution of con- 
tent (e.g., text, video, audio) over networks, 
selective release of data from a database, con- 
trolled release of sensitive information, and so on. 
InterTrust can also support the secure communica- 
tion of private information such as EDI and elec> 
trome &iancial transactions, as well as delivery of 
the- "back channer marketing and usage data 
resulting from transactions. 

DigiBox is a foundation technology within Inter- 
Xiust It provides a secure container to package 
infonnation so that the information cannot be used 
except as provided by the rules and controls associ- 
aied v/xQi &e content InterTrust rules and controls 
specify what types of content usage arc permitted; 
as well as the consequences of usage such as 
reporting and payment 

Within InterTrust, DigiBox containers can enforce 
a' "distributed electronic contract* for value-chain 
activities functioning within an electronic distribu- 
tion environment Hiis unique -approach underlies 
EPR*s information metering and digital ri^ts pro- 
tection technology. Electronic commerce infra- 
irtructure participants can use InterTrust to 
substantially enhiance their network, secixrity, or 
payment me&od solutions. 

The DigiBox is a container for both digital prop- 
erty (content) and controls. It is used in conjunc- 
tion with a locally secured rights protection 
application (discussed fur&er below) to make con- 
tent available as governed by arbitrarily flexible 
controls. 

The DigiBox container mechanism is implemented 
in; a set of platfomi-indcpendent class libraries that 
provide access to objects in the container and 
extensions to OpenDoc and OLE object technolo- 
gies. DigiBox allows rights management compo- 
nents to be integrated with content in highly 
flexible and configurable control strucmres. Digi- 
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Box rights management componcDts can be inte- 
grtted with content in a single deliverable, or somi 
or all of the compcmcDts can be delivered indepew 
deotly. DigiBox rights management components 
enable true superdistribution [21 J and can supp'oitj 
virtually any network topology and any number ofi 
participants, including distributors, redistributors, 
infonnation retailers, corporate content users, anc| 
consumers, 

4.1 Content 

The digital mfonnation in a DigiBox (one or more 
"properties") is infonnation in any form. Si may be 
mapped lo a specific compomid object format (c.g.| 
OpenDoc. OLE, PDF), or may be application spc| 
cific. J 

1 

Further, it may be delivered in stream or othai 
communication-oriented fonns, not just in a files 
like container. 

4.2 Controls 

Controls specify mles and consequences for opera- 
tions on content Controls are also delivered in ^ 
DigiBo?c, and the controls for a property may bje 
delivered either with the property or independcotlv. 
Controls are lied to properties by ciyptographii 
means. | 

Because controls can be delivered with propcrti« 
in a container, the DigiBox supports superdistiiba 
tion. 

4.3 Commerce 

Commerce takes place governed by controb. ^ 
may involve metering, billing for use, reporting qf 
usage, and SO on. These operations take pla^e 
locally in a secure environment, and they generic 
audit trails and reports that must be reported pen- 
odicaJly to clearinghouses. | 

5 DigiBoj Implementation 

The DigiBox is a structure that can hold, in a pro- 
tected manner, infomiation commerce elements of 
a\\ kinds; Conienl» usage infonnation, representa- 



tion of financial transactions (e.g., electronic cash), 
and! ddjcr digital elements of infonnatioEn com- 
merce. 

I 

5,1 i Container Logical Stroctnrc 

Figiirc 4 shows the logical structure of propeiries 
and' control sets in two containers. Container C|- 
hol^s two properties, P, and Pj, and one control set, 
CSj, that applies to property P); container C, con- 
tains two control sets and no properties. As shown 
in the example, each of &cse elements .has a title 
attribute to provide a human-readable description 
of the element and, for control sets, an attribute 
indicating to what other elements the control set 
applies. 

A control set specifies rules and consequences, 
such as pricing, reporting, and so on, for the prop- 
erties to which it applies. A user holding just this 
container could nse (e,g., view, print) content &om 
p^_!_jboiigh only as specified by CSj. Because 
there is no control set applying to P^ in that con- 
taxnei, Pj would not be usable in any way. 

i 

A user holding both containers could use property 
pj a$ specified by CS^, and in addition has the 
chbice of whether to designate CS| or CS3 when 
using P,. CSy which describes itself as '•discount," 
is likely to be the user's preferred choice. 

The IDigiBox includes several elements: organiza- 
ticlnal' structures, properties, controls, and support- 
ing data items. Ahxiost all the infonnation in a 
D%iBox is encrypted, as described below, and 
access to the encrypted form is provided through a 
storage manager as appropriate, depending on how 
the DigiBox is delivered (e.g., as a file or as a data 
strain). 

SijZ Container Physical Structure 

Figure 5 i$ a schematic picture illustrating the 
pllysical sHucture of a DigiBox container. (Some 
elements have been omitted for clarity.) It begins 
with a container header structure con tainin g 
descriptive and organizational information about 
thfe container. Part of the container header is 
encrypted (both for secrecy and for integrity pro- 
tection); .the rest is public organizational infoima- 
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Figure 4. CootaiDcr logical structure. 



tioiL The header is followed by additionaJ 
container- wide structures such as the transpprt A^y 
block (TKB) and ih^ container table of contends 
(TOC)^ some of which arc encrypted and othcw 
not. . J 



These organizational eJeiuents arc followed by the 
strucnires defining the container's content (e.g., 
properties and control sets). As shown in the fig- 
ure, a property is represented by a property header^ 
property attributes, and data blocks composing the 
property. As shown, the header is encrypted and 
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Title = discount 




Control Set 
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[: ; Container 



the attributes are not; the data blocks may be 
wholly or partly encrypted, br not at all, depending 
on security requirements. 

The figure shows an example propeny consistmg 
of ajmultimedia property formed from a pair of 
synchronized -data strrams for audio and video. In 
this jexample, each video block is mostly imen- 
crypted so that access can be rzpid while Still main- 
taining reasonable security — encrypting even 10 
percent of an MPEG stream renders it cGectivcly 
useless for illicit copying. On the other hand, the 
audio is entirely encrypted, and each audio block 
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Figure 5, Container physical format 



uses four distinct keys, bec^e ihe content piopii - 
ctor requires much stronger security for audio than 
for video. 



A property is represented as one or more proper! f 
sections, each of which is independently associate 1 
with control infoimation, and which may also 1 1 
stored and accessed independently. A property, fci 
example, might be a collection of clip-art images, 
and each image might be a property "chunk,'^ wijh 
its ovwi control specifying how that image's creat( t 
is compensated 

Controls can map to property chun3cs at arbitrasy 
granularity and can enforce arbitrary organiza- 
tional structures within the property (such as a file 
hitmchy). Controls can apply to individual bytes, 



ftoTrifiL of a movie, segments of a musical piece, 
an'd so on^ because the mapping is performed by a 
co'norol process specified by the control stnicmre, 
n<k simply via a table*driven data stnicnire. 



513 i [ Cryptographic Techniques 

j|. • ' 

libc; -high-level elements in a DigiBox are 
en'ci^ted with a transport key that is normally 
dpriyed (by exclusive OR) from two parts: one that 
isl'delivercd in the DigiBox itself, encrypted with a 
pnblic key algorithm, and the other that is stored in 
protected storag/e locally. The locally stored part is 
sfiared among all the local nodes enable of pro- 
cessing that DigiBox, but the part in the DigiBox is 
uhique. This separation provides protection against 
accidental or malicious disclosure of either part. 
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Figure 6. Container transport security. 



Figure 6 illustrates how the transport key (TK) is 
derived. The transport key block (TKB) contains 
one or more slots, each of which contains a partial 



TKEK 
Storage 



ID=6 


TKEK^ 


ID-7 


TKEK7 


ID = 8 


TKEKg 


ID=30 


TKEKso 


ID«3I 




ID = 32 


TKEK32 


ID^33 


TKEK33 



Partial TK 
Storage 



ID=*73 


. Partial TK73 


ID = 81 


Partial TK^l 


ID-90 


PanialTK9o 


ID =142 


Partial TK142 


1D=176 


Partial TKj^^ 


ID = 177 


Partial TK|77 



transport key encrypted under a different transport 
Iccy encrypting key (TKEK). Each TKB slot identi- 
fies the TKEK used, and a matching TKEK is 
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selected fr^m local protected storage. Decrypting 
the slot yields a partial TK, which is com^^ined 
with its correjpondiDg partial TK again from^pro- 
tected local storage to yield the actual TK for 
decjypting the container header, 

'< 

h 

The data for the property itself is encrypted ^witi^ 
other keys ("content keys") that are themselves 
delivered in encrypted high-level structures^ this 
approach permits the keys for a property \o be 
delivered entirely separately from the property Of 
its controls. Multiple keys, in a wide variety of 
key-mapping schemes, are used to encrypt the 
data, limiting the loss that would occur from diS7 
closure of any one key. ] 

All DigiBox control structures are both encrypted 
and verified for integrity with a cryptographic hash 
fimction. Several cryptographic .algoriflmis are 
supported for these control structnres (principalljr 



for export control reasons), and arbitrary! algo- 
rithms are supported for encryption of the data, j 

5.4 Security Characteristics * j 

The DigiBox cryptographic structures are dcsigne^ 
to be secure even in the face of loss pf individuM 
key components, and to minimize the damage in 
case a key or processing enviiomnent is compn^ 
miscd. The system is designed to provide commer- 
cially acceptable risks and losses for a variety of 
business models. I 

; i 

The basic algorithms arc strong: TOple DES [22] 
and RSA [23] are preferred. This sccuritr.is, of 
course, only as strong as the lamper-resistflbce of 
the local processing environment The preferred 
implementadon of DigiBox processing relies on a 
"sfxurc processing unit" (SPU) that contmns ja 
CPU, memory, program storage, and key storage in 
a single lamper-resistant hardware packa^. 
Although these are not widely available to^ay, the 
variety of applications they might support niakesjit 
likely thai such SPUs will become widely inte- 
grated into common computing platforms. When 
running in an SPU, the DigiBox processing and 
control mechanisms are' sufiBciently well protected 
to support most commerce applications. 
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In he absence of an SPU, oAcr approaches are 
use ful for many business modcU. In fect^ a soft- 
waie-only implementation is sufficient for many 
apdlicatioiiS, because much content is of relatively • 
low value and is used in a context (b^i^incss to 
business) where a modest level of foud is both less 
likely and more tolerable. As long as tiie software 
is Ajoderatcly difficult to defeat and tools to defeat 
it Have no legitimate purpose, business models can 
be supported where some risk of loss is acceptable. 
In pt world of electronic commerce, just as for tra- 
ditional commerce, security is not absolute: it is 
ju* a factor to balance against the cost of loss and 
jud. 

I Conclusions 

_ ije DigiBox is one component of a general-pur- 
pose electronic commerce solution that rests on 
|cc basic principles: rights protection, intcropera- 
bi^ty, and strong security. 

ctronic commerce, and infonnation commerce 
jyaiticular, needs a robust information protection 
m&Jianism, including rights protection and con- 
trols, not just payment systems. As the electronic 
wi yrid evolves, however, and moves forward from 
siinply emulating traditional transactions into 
er tircly new business models, rights protection and 
cc ntrol will become the predominant issues. 

Protection of intellectual property rights in infor- 
m ation requires strong cryptography as well as a 
fli adblc infrastructure for controlling use of the 
ii formation. A standard protected container for 
rc formation is necessary to support intcroperabil- 
it: r — most existmg schemes tightly bind the creator 
o: protected information and the software that pro- 
cesses it A standard container can rationBli2e 
ii fomiation commerce and reduce costs fox all par- 
ti :ipants. 

li I the long term, general-purpose secure electronic 
commerce will need pervasive deployment of 
timper-resistant hardware devices to perform 
secure processing of protected content However, 
as these solutions are developed, many business 
models can be accommodated with weaker or less 
(fcmplete solutions because the risk and expected 
1 )sses are conmicrcially acceptable. 
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Busicess-to-busincss purchasing is steadily e>[olv 
mg into a diieci eJedxonic ordering modcL Future 
communicatioxiS and media markets will become 
increasingly segmented and. specialized- in 
response to customer preferences and needs] and 
involve increasing, and more sophisticated, direct 
inteiBction between consmncrs and providos 
These markets and their value chains (with or wifla 
out intermediaiy distributors) will require secure 
meiering and control tools that enable a user to 
efiBcicntly and economically tailor resources to Ai^ 
or her own desires. 

During the next decade, digital dehveiy of tradi^ 
tional electronic products, such as inforaiatipn 
databases and software, will be joined by a rzyidl> 
growing array of both New Media and clccirani- 
cally distributed traditional content lh& cqnver-j 
sion from traditional models requires! ^ev 
foundation technologies and will result in a fondat 
mental shift in current infrastructure. This transfer; 
mation will create a new distribution industr)} 
Digital distrihunon employiog'a universal contem 
and commerce container can play a critical role in 
this broad economic transformation. ] I 

i 9 
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